<?php
include("../contents.php");
include("../security.php");
include("../settings.php");
include("../database.php");
// Emit the XML declaration from PHP instead of as literal markup. The "<" and
// "?xml" halves are presumably split so that the declaration is never mistaken
// for a PHP short open tag when short_open_tag is enabled.
echo "<"."?xml version=\"1.0\"?".">";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <title><?php echo getsetting("sitename"); ?> - Administration</title>
    <link media="screen" rel="stylesheet" href="css/style.css" type="text/css" />
    <script src="js/scripts.js" type="text/javascript"></script>
    </head>

    <body id="editgrey">
    <?php
    if(!empty($_GET["dir"]) || (isset($_GET["dir"]) && $_GET["dir"]==0)) {
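    	// Resolve the directory being shown into $row_act. The root of a presence is
    	// addressed as dir=0 plus pres=<presence>; every other directory is loaded from
    	// content_dirs and then checked against the caller's presence rights.
    	// NOTE(review): "==0" is a loose comparison, so on PHP < 8 a non-numeric dir
    	// value also takes the root branch when pres is authorised.
    	if ($_GET["dir"]==0 && (isset($_GET["pres"]) && Contents::presence_rights($_GET["pres"]))) {
    		$row_act=new rowact();
    		$row_act->id=0;
    		// presence is copied from the request: it has passed presence_rights(), but it
    		// is still request text and must be escaped wherever it reaches SQL or markup.
    		$row_act->presence=$_GET["pres"];
    		$row_act->name="/";
    	} else {
    		// dir is request input; escape it before it becomes part of the SQL string.
    		$dir_sql=mysql_real_escape_string($_GET["dir"]);
    		$act_dir=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."content_dirs WHERE id='". $dir_sql ."'");
    		// A failed query is handled like "no such directory" instead of being passed
    		// to mysql_num_rows() as false.
    		if ($act_dir && mysql_num_rows($act_dir)==1) {
    			$row_act=mysql_fetch_object($act_dir);
    			if (!Contents::presence_rights($row_act->presence)) {
    				die("Sie haben keinen Zugriff auf dieses Verzeichnis");
    			}
    		} else {
    			die("Dieses Verzeichnis existiert nicht!");
    		}
    	}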

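    	// Create a new, empty document (version 1) in the current directory.
    	// Requires the "content_add" right.
    	// NOTE(review): this is a state change triggered by GET; no anti-CSRF token is
    	// visible in this file.
    	if (!empty($_GET["create_page"]) && getright("content_add")) {
    		// NOTE(review): PHP has already URL-decoded $_GET. The second decode is kept
    		// because the client script presumably double-encodes the title, but it turns
    		// "%xx" sequences in the submitted text into raw characters, so the value is
    		// escaped before it is used in SQL below.
    		$_GET["create_page"]=urldecode($_GET["create_page"]);
    		$newuniquid=create_uniqid($GLOBALS["db_pref"] ."content_documents");
    		$shortname=Contents::create_unique_docname($_GET["create_page"], "content_documents", $row_act->presence);

    		// Escape every value that is interpolated as a string literal.
    		// NOTE(review): if magic_quotes_gpc is enabled on the deployment, strip its
    		// slashes first, otherwise titles are stored with literal backslashes.
    		$title_sql=mysql_real_escape_string($_GET["create_page"]);
    		$short_sql=mysql_real_escape_string($shortname);
    		// Use the directory that passed the rights check rather than the raw parameter.
    		$dir_sql=mysql_real_escape_string($row_act->id);
    		$lang_sql=mysql_real_escape_string(getsetting("standard_language"));
    		$user_sql=mysql_real_escape_string($_SESSION["userid"]);

    		// Debounce: skip the insert when a document was created in this directory
    		// within the last four seconds (guards against a double submit).
    		if(mysql_num_rows(mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."content_documents WHERE ofdir='". $dir_sql ."' and created_date>'". ((idate("U")) - 4) ."'"))==0) {
    			mysql_query("INSERT INTO ". $GLOBALS["db_pref"] ."content_documents SET id='". $newuniquid ."', pagetitle='". $title_sql ."', shortname='". $short_sql ."', webtitle='". $title_sql ."', ofdir='". $dir_sql ."', editlang='". $lang_sql ."', deleted='0', created_by='". $user_sql ."', created_date='". idate("U") ."', version='1'");
    		}
    	}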
    	
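    	// Check out a document: checkoutdoc() with type 1 copies the row and its
    	// repetitions, blocks and images into a new version. Requires "content_add".
    	// The commented-out inline copy of that logic was removed; it was a stale
    	// duplicate of checkoutdoc() with the same string-built SQL.
    	// NOTE(review): state change on GET with no anti-CSRF token visible here, and the
    	// document is not checked against the directory resolved in $row_act.
    	if (!empty($_GET["checkoutdocument"]) && getright("content_add")) {
    		// id2 is the auto-increment key of content_documents (checkoutdoc() obtains it
    		// from mysql_insert_id()), so the parameter is reduced to an integer.
    		checkoutdoc((int)$_GET["checkoutdocument"], 1);
    	}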
    	
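    	// Check in a document version: retire the other checked-in versions of the same
    	// document and stamp this one with the current user and time.
    	// Requires "content_add".
    	// NOTE(review): state change on GET with no anti-CSRF token visible here, and the
    	// document is not checked against the directory resolved in $row_act.
    	if (!empty($_GET["checkindocument"]) && getright("content_add")) {
    		// id2 is an auto-increment integer; the cast keeps request text out of the SQL.
    		$checkin_id2=(int)$_GET["checkindocument"];
    		$user_sql=mysql_real_escape_string($_SESSION["userid"]);
    		$document=mysql_query("SELECT id,id2 FROM ". $GLOBALS["db_pref"] ."content_documents WHERE id2='". $checkin_id2 ."'");
    		if ($document && mysql_num_rows($document)==1) {
    			$row_new=mysql_fetch_object($document);
    			$doc_id_sql=mysql_real_escape_string($row_new->id);
    			$doc_id2=(int)$row_new->id2;
    			// Mark every other non-deleted, already checked-in row sharing this document
    			// id as deleted...
    			mysql_query("UPDATE ". $GLOBALS["db_pref"] ."content_documents SET deleted='1', delete_by='". $user_sql ."', delete_date='". idate("U") ."' WHERE id='". $doc_id_sql ."' and deleted='0' and checkin_date>'0' and id2!='". $doc_id2 ."'");
    			// ...then record the check-in on the requested row.
    			$checkindoc="UPDATE ". $GLOBALS["db_pref"] ."content_documents SET checkin_by='". $user_sql ."', checkin_date='". idate("U") ."' WHERE id2='". $doc_id2 ."'";
    			mysql_query($checkindoc);
    		}
    	}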

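    	// Paste a document from the session clipboard into the current directory:
    	// checkoutdoc() with type 2 creates an independent copy under a new id.
    	// Requires "content_add" and a matching clipboard entry.
    	if (!empty($_GET["pastecopydocument"]) && getright("content_add") && isset($_SESSION["clipboard"]["copydocs"][$_GET["pastecopydocument"]])) {
    		// The target is the directory that passed the rights check ($row_act), not the
    		// raw dir parameter. It is passed as a string so that the root id "0" is not
    		// treated as "no directory given" by checkoutdoc()'s loose comparison with "".
    		checkoutdoc((int)$_GET["pastecopydocument"], 2, (string)$row_act->id);
    	}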
    	
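    	// Put a document on the session clipboard.
    	// Only digit-only ids are accepted: clipboard keys are later used in a SQL lookup
    	// and echoed into links, and id2 is an auto-increment integer. The "content_add"
    	// check matches the listing, which only renders the copy link for that right, and
    	// the paste action, which requires it.
    	if (!empty($_GET["copydocument"]) && is_string($_GET["copydocument"]) && ctype_digit($_GET["copydocument"]) && getright("content_add")) {
    		if(!isset($_SESSION["clipboard"])) $_SESSION["clipboard"]=array();
    		if(!isset($_SESSION["clipboard"]["copydocs"])) $_SESSION["clipboard"]["copydocs"]=array();
    		$_SESSION["clipboard"]["copydocs"][$_GET["copydocument"]]=1;
    	}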

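    	// Remove one entry from the session clipboard. This only touches the caller's
    	// own session. An array-valued parameter is not a valid array offset, so only
    	// plain string values are acted on.
    	if (!empty($_GET["delcopydocument"]) && is_string($_GET["delcopydocument"])) {
    		unset($_SESSION["clipboard"]["copydocs"][$_GET["delcopydocument"]]);
    	}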

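    	// Soft-delete a document row (deleted='1', with user and timestamp).
    	// Requires "content_delete".
    	// NOTE(review): state change on GET with no anti-CSRF token visible here. The row
    	// is also not tied to the directory resolved in $row_act, so the presence check
    	// above does not cover the document being deleted; consider adding an ofdir
    	// constraint once all callers are known to pass the document's own directory.
    	if (!empty($_GET["deldocument"]) && getright("content_delete")) {
    		// id2 is an auto-increment integer; the cast keeps request text out of the SQL.
    		mysql_query("UPDATE ". $GLOBALS["db_pref"] ."content_documents SET deleted='1', delete_by='". mysql_real_escape_string($_SESSION["userid"]) ."', delete_date='". idate("U") ."' WHERE id2='". (int)$_GET["deldocument"] ."'");
    	}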
    	
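    	// Soft-delete a directory and ask the navigation frame to reload.
    	// Requires "content_dir_delete".
    	// NOTE(review): state change on GET with no anti-CSRF token visible here.
    	if (!empty($_GET["deldir"]) && getright("content_dir_delete")) {
    		// deldir is request input and is escaped. The presence constraint limits the
    		// update to the presence whose rights were verified for $row_act, so a
    		// directory id belonging to another presence is left untouched.
    		mysql_query("UPDATE ". $GLOBALS["db_pref"] ."content_dirs SET deleted='1' WHERE id='". mysql_real_escape_string($_GET["deldir"]) ."' and presence='". mysql_real_escape_string($row_act->presence) ."'");
   			?><script language="JavaScript" type="text/javascript">
    			<!--
    				reloadleft();
    			// --></script><?php
    	}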

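    	// Rename a directory and ask the navigation frame to reload.
    	// Requires "content_dir_rename".
    	// NOTE(review): state change on GET with no anti-CSRF token visible here. The new
    	// name is stored as submitted and must be encoded wherever it is printed.
    	if (!empty($_GET["rename_dir_id"]) && !empty($_GET["rename_dir"]) && getright("content_dir_rename")) {
    		// Both parameters are request input and are escaped before reaching the SQL
    		// string. The presence constraint limits the update to the presence whose
    		// rights were verified for $row_act.
    		// NOTE(review): if magic_quotes_gpc is enabled on the deployment, strip its
    		// slashes first, otherwise names are stored with literal backslashes.
    		mysql_query("UPDATE ". $GLOBALS["db_pref"] ."content_dirs SET name='". mysql_real_escape_string($_GET["rename_dir"]) ."' WHERE id='". mysql_real_escape_string($_GET["rename_dir_id"]) ."' and presence='". mysql_real_escape_string($row_act->presence) ."'");
    			?><script language="JavaScript" type="text/javascript">
    			<!--
    				reloadleft();
    			// --></script><?php
    	}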

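    	// Create a sub-directory of the current directory, sorted after its existing
    	// siblings, unless a live sibling with the same name already exists.
    	// Requires "content_dir_add".
    	// NOTE(review): state change on GET with no anti-CSRF token visible here.
    	if (!empty($_GET["create_dir"]) && getright("content_dir_add")) {
    		// NOTE(review): PHP has already URL-decoded $_GET. The second decode is kept
    		// because the client script presumably double-encodes the name, but it turns
    		// "%xx" sequences in the submitted text into raw characters, so the value is
    		// escaped before it is used in SQL below.
    		$_GET["create_dir"]=urldecode($_GET["create_dir"]);

    		// $row_act->presence is request text when the root directory is shown, so it
    		// is escaped together with the new name and the parent id.
    		// NOTE(review): if magic_quotes_gpc is enabled on the deployment, strip its
    		// slashes first, otherwise names are stored with literal backslashes.
    		$name_sql=mysql_real_escape_string($_GET["create_dir"]);
    		$parent_sql=mysql_real_escape_string($row_act->id);
    		$pres_sql=mysql_real_escape_string($row_act->presence);

    		$max=mysql_query("SELECT max(`sort`) as max FROM ". $GLOBALS["db_pref"] ."content_dirs WHERE subof='". $parent_sql ."' and presence='". $pres_sql ."' and deleted='0'");
    		$dir_exists=mysql_query("SELECT id FROM ". $GLOBALS["db_pref"] ."content_dirs WHERE name='". $name_sql ."' and presence='". $pres_sql ."' and subof='". $parent_sql ."' and deleted='0'");
    		if (mysql_num_rows($dir_exists)==0) {
    			$row_max=mysql_fetch_object($max);
    			mysql_query("INSERT INTO ". $GLOBALS["db_pref"] ."content_dirs SET name='". $name_sql ."', subof='". $parent_sql ."', presence='". $pres_sql ."', deleted='0', sort='". ($row_max->max + 1) ."'");
    			?><script language="JavaScript" type="text/javascript">
    			<!--
    				reloadleft();
    			// --></script><?php
    		}
    	}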
    	?>
    	<div id="overview">
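    	  <h1>Inhalt des Verzeichnisses &quot;<?php /* directory names are user-supplied (create_dir / rename_dir), so they are HTML-encoded on output */ echo htmlspecialchars($row_act->name, ENT_QUOTES, "UTF-8"); ?>&quot;</h1>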
    	  <img src="images/dir_symbol.gif" width="64" height="64" alt="" style="padding-right:20px;float:left;" />
    	  <p>Hier finden Sie alle Artikel.</p>
    	  <br style="clear:both;" />
	    </div>
	    <div id="edit">
	    	<?php
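	    	// Clipboard table: one row per document on the session clipboard, with links
	    	// to paste it into the current directory or to drop it from the clipboard.
	    	// Shown only to users with "content_add" and a non-empty clipboard.
	    	if (getright("content_add") && isset($_SESSION["clipboard"]["copydocs"]) && count($_SESSION["clipboard"]["copydocs"])>0) {
	    		// Everything interpolated into the links is encoded for its context:
	    		// PHP_SELF can carry request-supplied path info, and presence is request
	    		// text when the root directory is shown.
	    		$clip_self=htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "UTF-8");
	    		$clip_dir=rawurlencode($row_act->id);
	    		$clip_pres=($row_act->id==0)?"&amp;pres=". rawurlencode($row_act->presence):"";
	    	?>
	   		<table style="width:100%;padding:0px; margin:0px;border-top:0px;border-left:1px solid #aaaaaa;border-right:1px solid #aaaaaa;border-bottom:1px solid #aaaaaa; background-color:#ffffff" cellspacing="0" cellpadding="0">
          		<tr>
          			<th style="border:1px solid #666666;">Name</th>
          			<th style="border-top:1px solid #666666;border-right:1px solid #666666;border-bottom:1px solid #666666;" width="80">Aktion</th>
          		</tr>
          		<?php
          		// foreach replaces while(list()=each()); each() is deprecated and was
          		// removed in later PHP versions.
          		foreach ($_SESSION["clipboard"]["copydocs"] as $key => $val) {
          			// Clipboard keys are document id2 values (auto-increment integers). The
          			// cast keeps a malformed key that is already stored in a session out of
          			// the SQL string.
          			$docname=mysql_query("SELECT pagetitle FROM ". $GLOBALS["db_pref"] ."content_documents WHERE id2='". (int)$key ."' LIMIT 1");
          			if ($docname && mysql_num_rows($docname)==1) {
          				$row_docname=mysql_fetch_object($docname);
          				$clip_key=rawurlencode($key);
          			?>
          			<tr onmouseover="setbgcolor(this, '#eeeeee')" onmouseout="setbgcolor(this, '#ffffff')">
          				<td class="tdnormal"><?php
          					// Page titles are user-supplied: HTML-encode on output.
          					echo htmlspecialchars($row_docname->pagetitle, ENT_QUOTES, "UTF-8");
          				?></td>
          				<td class="tdnormal">
          					<a href="<?php echo $clip_self; ?>?dir=<?php echo $clip_dir; ?>&amp;pastecopydocument=<?php echo $clip_key; echo $clip_pres; ?>"><img src="images/paste.gif" style="border:0px;width:16px;height:16px;" alt="Einf&uuml;gen" title="Einf&uuml;gen" /></a>
          					<a href="<?php echo $clip_self; ?>?dir=<?php echo $clip_dir; ?>&amp;delcopydocument=<?php echo $clip_key; echo $clip_pres; ?>"><img src="images/delete.gif" style="border:0px;width:14px;height:16px;" alt="L&ouml;schen" title="L&ouml;schen" /></a>
          				</td>
          			</tr>
          			<?php
          			}
          		}
          		?>
          	</table><br />
          	<?php
	    	}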
          	?>
		    <table style="width:100%;padding:0px; margin:0px;border-top:0px;border-left:1px solid #aaaaaa;border-right:1px solid #aaaaaa;border-bottom:1px solid #aaaaaa; background-color:#ffffff" cellspacing="0" cellpadding="0">
          		<tr>
          			<th style="border:1px solid #666666;">Name</th>
          			<th style="border-top:1px solid #666666;border-right:1px solid #666666;border-bottom:1px solid #666666;" width="50">Version</th>
          			<th style="border-top:1px solid #666666;border-right:1px solid #666666;border-bottom:1px solid #666666;" width="80">Aktion</th>
          		</tr>
    			<?php
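		    	// Rows for the live sub-directories of the current directory, ordered by name.
		    	// $row_act->presence is request text when the root directory is shown, so both
		    	// values are escaped before they reach the SQL string.
		    	$subdirs=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."content_dirs WHERE subof='". mysql_real_escape_string($row_act->id) ."' and presence='". mysql_real_escape_string($row_act->presence) ."' and deleted='0' order by name");
    			if ($subdirs && mysql_num_rows($subdirs)>0) {
    				// Output encoding, by context:
    				//  - plain href / element text: HTML-encode (URL parameters are URL-encoded).
    				//  - javascript: href holding a quoted JS string: escape for the JS string,
    				//    double every "%" (browsers percent-decode javascript: URLs before
    				//    running them), then HTML-encode for the attribute.
    				// Ids printed here come from the database id columns.
    				$list_self=htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "UTF-8");
    				$list_self_js=htmlspecialchars(str_replace("%", "%25", addslashes($_SERVER["PHP_SELF"])), ENT_QUOTES, "UTF-8");
    				$list_dir=rawurlencode($row_act->id);
    				$list_pres_js=($row_act->id==0)?"&amp;pres=". str_replace("%", "%25", rawurlencode($row_act->presence)):"";
    				for($i=0; $i<mysql_num_rows($subdirs); $i++) {
    					$row_subdirs=mysql_fetch_object($subdirs);
    					$sub_id=rawurlencode($row_subdirs->id);
    					// Directory names are user-supplied (create_dir / rename_dir).
    					$sub_name_html=htmlspecialchars($row_subdirs->name, ENT_QUOTES, "UTF-8");
    					$sub_name_js=htmlspecialchars(str_replace("%", "%25", addslashes($row_subdirs->name)), ENT_QUOTES, "UTF-8");
    					?>
    					<tr onmouseover="setbgcolor(this, '#eeeeee')" onmouseout="setbgcolor(this, '#ffffff')">
    						<td class="tdnormal"><a href="<?php echo $list_self; ?>?dir=<?php echo $sub_id; ?>">
    							<img src="images/folder.gif" width="16" height="16" border="0" style="padding-right:5px;" />
    							<?php echo $sub_name_html; ?></a>
    						</td>
    						<td class="tdnormal"></td>
    						<td class="tdnormal">
    						<?php if (getright("content_dir_rename")) { ?>
    						<a href="javascript:askrenamedir('<?php echo $list_self_js; ?>?dir=<?php echo $list_dir; ?>&amp;rename_dir_id=<?php echo $sub_id; echo $list_pres_js; ?>','<?php echo $sub_name_js; ?>')"><img src="images/edit.gif" style="border:0px;width:12px;height:16px;" /></a>
    						<?php } ?>

    						<?php if (getright("content_dir_delete")) { ?>
    						<a href="javascript:askdelete('<?php echo $list_self_js; ?>?dir=<?php echo $list_dir; ?>&amp;deldir=<?php echo $sub_id; echo $list_pres_js; ?>')"><img src="images/delete.gif" style="border:0px;width:14px;height:16px;" /></a>
    						<?php } ?>
    						</td>
    					</tr>
    					<?php
    				}
    			}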
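				// Rows for the live documents of the current directory: title (links to the
				// editor), version, and copy / check-in or check-out / delete actions.
				$content_documents=mysql_query("SELECT * FROM ". $GLOBALS["db_pref"] ."content_documents WHERE ofdir='". mysql_real_escape_string($row_act->id) ."' and deleted='0'");
				if ($content_documents && mysql_num_rows($content_documents)>0) {
    				// Output encoding, by context:
    				//  - plain href / element text: HTML-encode (URL parameters are URL-encoded).
    				//  - javascript: href holding a quoted JS string: escape for the JS string,
    				//    double every "%" (browsers percent-decode javascript: URLs before
    				//    running them), then HTML-encode for the attribute.
    				// Ids printed here come from the database id columns.
    				$doc_self=htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "UTF-8");
    				$doc_self_js=htmlspecialchars(str_replace("%", "%25", addslashes($_SERVER["PHP_SELF"])), ENT_QUOTES, "UTF-8");
    				$doc_dir=rawurlencode($row_act->id);
    				$doc_pres=($row_act->id==0)?"&amp;pres=". rawurlencode($row_act->presence):"";
    				$doc_pres_js=($row_act->id==0)?"&amp;pres=". str_replace("%", "%25", rawurlencode($row_act->presence)):"";
    				for($i=0; $i<mysql_num_rows($content_documents); $i++) {
    					$row_content_documents=mysql_fetch_object($content_documents);
    					$doc_id2=rawurlencode($row_content_documents->id2);
    					// checkin_date '0' means the row is currently checked out, so the row
    					// offers a check-in; otherwise it offers a check-out.
    					$doc_is_out=($row_content_documents->checkin_date=='0');
    					// The former HTML-commented link row was removed: PHP inside an HTML
    					// comment still runs, so it printed the raw short name and page title
    					// into the page.
    					?>
    					<tr onmouseover="setbgcolor(this, '#eeeeee')" onmouseout="setbgcolor(this, '#ffffff')">
    						<td class="tdnormal">
    							<a href="admin_content_edit.php<?php echo "?name=". $doc_id2; ?>"><img src="images/page.gif" width="14" height="12" border="0" style="padding-right:5px;" /> <?php echo htmlspecialchars($row_content_documents->pagetitle, ENT_QUOTES, "UTF-8"); ?></a>
    						</td>
    						<td class="tdcenter"><?php echo htmlspecialchars($row_content_documents->version, ENT_QUOTES, "UTF-8"); ?></td>
    						<td class="tdnormal">
    						<?php if (getright("content_add")) { ?>
    						<a href="<?php echo $doc_self; ?>?dir=<?php echo $doc_dir; ?>&amp;copydocument=<?php echo $doc_id2; echo $doc_pres; ?>"><img src="images/copy.gif" style="border:0px;width:16px;height:16px;" title="Kopieren" /></a>
    						<?php } ?>
    						<a href="<?php echo $doc_self; ?>?dir=<?php echo $doc_dir; ?>&amp;check<?php echo $doc_is_out?"in":"out"; ?>document=<?php echo $doc_id2; ?>"><img src="images/<?php echo $doc_is_out?"checkin":"checkout";?>.gif" title="<?php echo $doc_is_out?"Check-In":"Check-Out";?>" style="border:0px;width:16px;height:16px;" /></a>
    						<?php if (getright("content_delete")) { ?>
    						<a href="javascript:askdelete('<?php echo $doc_self_js; ?>?dir=<?php echo $doc_dir; ?>&amp;deldocument=<?php echo $doc_id2; echo $doc_pres_js; ?>')"><img src="images/delete.gif" style="border:0px;width:14px;height:16px;" title="L&ouml;schen" /></a>
    						<?php } ?>
    						</td>
    					</tr>
    					<?php
    				}
				}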
    			?>
    		</table>
		<?php
    }
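  	// Footer actions: "create directory" (needs "content_dir_add") and, inside a real
  	// directory (dir > 0), "create document" (needs "content_add").
  	// This code runs even when no directory was resolved above, so $_GET["dir"] and
  	// $row_act may be missing. dir and pres are request text that ends up inside a
  	// quoted JS string in a javascript: href: they are URL-encoded, every "%" is
  	// doubled (browsers percent-decode javascript: URLs before running them), and
  	// PHP_SELF is escaped for the JS string and HTML-encoded for the attribute.
  	$foot_self_js=htmlspecialchars(str_replace("%", "%25", addslashes($_SERVER["PHP_SELF"])), ENT_QUOTES, "UTF-8");
  	$foot_dir_js=(isset($_GET["dir"]) && is_string($_GET["dir"]))?str_replace("%", "%25", rawurlencode($_GET["dir"])):"";
  	$foot_pres_js=(isset($row_act) && $row_act->id==0)?"&amp;pres=". str_replace("%", "%25", rawurlencode($row_act->presence)):"";
  	if (getright("content_dir_add")) { ?>
   		<a href="javascript:asknewdir('<?php echo $foot_self_js; ?>?&amp;dir=<?php echo $foot_dir_js; echo $foot_pres_js; ?>')" class="small">Verzeichnis erstellen</a><?php
   	}
   	if (isset($_GET["dir"]) && $_GET["dir"]>0 && getright("content_add")) {
   		?> | <a href="javascript:asknewentry('<?php echo $foot_self_js; ?>?&amp;dir=<?php echo $foot_dir_js; ?>')" class="small">Dokument erstellen</a><?php
   	}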
    ?>
    	</div>
    </body>
    </html>
<?php
/**
 * Generate a 32-character hex id that is not yet used in the id column of $table.
 *
 * Candidates are md5(uniqid(rand())); a new one is drawn until the lookup finds no
 * row with that id.
 *
 * $table is concatenated into the SQL text unescaped, so callers must pass a
 * trusted, code-defined table name. The ids are built from rand() and uniqid() and
 * are only meant to be unique; they should not be relied on as unguessable values.
 *
 * @param string $table Full table name, including the installation prefix.
 * @return string The unused id.
 */
function create_uniqid($table) {
	do {
		$candidate=md5(uniqid(rand()));
		$matches=mysql_num_rows(mysql_query("SELECT id FROM ". $table ." WHERE id='". $candidate ."'"));
	} while ($matches>0);
	return $candidate;
}

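/**
 * Build the "col='value', col='value'" part of an INSERT ... SET statement.
 *
 * Column names are fixed strings supplied by the calling code; every value is
 * escaped for the current MySQL connection before it is quoted.
 *
 * @param array $fields Map of column name => value.
 * @return string The SET clause without the SET keyword.
 */
function _checkoutdoc_set($fields) {
	$parts=array();
	foreach ($fields as $column => $value) {
		$parts[]=$column ."='". mysql_real_escape_string((string)$value) ."'";
	}
	return implode(", ", $parts);
}

/**
 * Copy a document row together with its repetitions, text blocks and images.
 *
 * $type 1 (check-out): the copy keeps the document id and gets version + 1.
 * $type 2 (paste):     the copy gets a fresh id from create_uniqid() and version 1.
 *
 * Nothing is copied when the source row does not exist, or when a row with the
 * same document id was created within the last five seconds (double-submit guard).
 * For each copied repetition that names a module, ../modules/<module>/checkout.php
 * is included and checkout_<module>(old repetition id, new repetition id) is called.
 *
 * Values read back from the database are escaped again before being re-inserted:
 * stored text is not SQL-safe just because it came from the database, and without
 * escaping any title or content containing a quote breaks the copy.
 *
 * @param int|string $id   id2 of the source row (auto-increment key).
 * @param int        $type 1 = new version, 2 = independent copy.
 * @param string     $dir  Target directory id; "" keeps the source row's directory.
 * @return void
 */
function checkoutdoc($id, $type=1, $dir="") {
	$prefix=$GLOBALS["db_pref"];
	$now=idate("U");
	$user=$_SESSION["userid"];

	// id2 is the auto-increment key (see mysql_insert_id() below), so an integer cast
	// is enough to keep caller-supplied text out of the SQL string.
	$page=mysql_query("SELECT * FROM ". $prefix ."content_documents WHERE id2='". (int)$id ."'");
	if (!$page || mysql_num_rows($page)!=1) {
		return;
	}
	$row_page=mysql_fetch_object($page);

	// Double-submit guard: stop if this document id already got a row in the last 5s.
	$recent=mysql_query("SELECT * FROM ". $prefix ."content_documents WHERE created_date>=". ($now - 5) ." and id='". mysql_real_escape_string($row_page->id) ."'");
	if ($recent && mysql_num_rows($recent)!=0) {
		return;
	}

	if ($dir=="") {
		$dir=$row_page->ofdir;
	}
	$version=1;
	if ($type==1) {
		$version=($row_page->version + 1);
	}
	if ($type==2) {
		$row_page->id=create_uniqid($prefix ."content_documents");
	}

	$newpage=mysql_query("INSERT INTO ". $prefix ."content_documents SET ". _checkoutdoc_set(array(
		"id" => $row_page->id,
		"pagetitle" => $row_page->pagetitle,
		"shortname" => $row_page->shortname,
		"webtitle" => $row_page->webtitle,
		"description" => $row_page->description,
		"keywords" => $row_page->keywords,
		"template" => $row_page->template,
		"cache" => $row_page->cache,
		"webusergroups" => $row_page->webusergroups,
		"editlang" => $row_page->editlang,
		"ofdir" => $dir,
		"created_by" => $user,
		"created_date" => $now,
		"version" => $version,
	)));
	if (!$newpage) {
		// Without a new document row there is nothing to attach the children to.
		return;
	}
	$newpageid=mysql_insert_id();

	$repetitions=mysql_query("SELECT * FROM ". $prefix ."content_repetitions WHERE docuid='". (int)$row_page->id2 ."' and deleted='0'");
	if (!$repetitions) {
		return;
	}
	while ($row_rep=mysql_fetch_object($repetitions)) {
		$newrepetition=mysql_query("INSERT INTO ". $prefix ."content_repetitions SET ". _checkoutdoc_set(array(
			"id2" => $row_rep->id2,
			"name" => $row_rep->name,
			"docuid" => $newpageid,
			"sort" => $row_rep->sort,
			"template" => $row_rep->template,
			"module" => $row_rep->module,
			"language" => $row_rep->language,
			"created_by" => $user,
			"created_date" => $now,
		)));
		if (!$newrepetition) {
			// Do not hang blocks and images on a repetition that was not created.
			continue;
		}
		$newrepid=mysql_insert_id();
		$oldrep_sql=mysql_real_escape_string($row_rep->id);

		$textblocks=mysql_query("SELECT * FROM ". $prefix ."content_blocks WHERE repetition='". $oldrep_sql ."' and deleted='0'");
		while ($textblocks && ($row_block=mysql_fetch_object($textblocks))) {
			mysql_query("INSERT INTO ". $prefix ."content_blocks SET ". _checkoutdoc_set(array(
				"repetition" => $newrepid,
				"name" => $row_block->name,
				"content" => $row_block->content,
				"created_by" => $user,
				"created_date" => $now,
			)));
		}

		$textimages=mysql_query("SELECT * FROM ". $prefix ."content_images WHERE repetition='". $oldrep_sql ."' and deleted='0'");
		while ($textimages && ($row_image=mysql_fetch_object($textimages))) {
			mysql_query("INSERT INTO ". $prefix ."content_images SET ". _checkoutdoc_set(array(
				"repetition" => $newrepid,
				"name" => $row_image->name,
				"image" => $row_image->image,
				"link" => $row_image->link,
				"created_by" => $user,
				"created_date" => $now,
			)));
		}

		// The module name is a database value that becomes part of an include path and
		// of a function name. Only names made of PHP identifier characters are accepted
		// (anything else could not form a callable checkout_<module> anyway), which
		// keeps path separators and ".." out of the include.
		$module=$row_rep->module;
		if ($module!="" && preg_match('/^[a-zA-Z0-9_\x7f-\xff]+$/', $module) && file_exists("../modules/". $module ."/checkout.php")) {
			include_once("../modules/". $module ."/checkout.php");
			$checkoutfunc="checkout_". $module;
			if (function_exists($checkoutfunc)) {
				$checkoutfunc($row_rep->id, $newrepid);
			}
		}
	}
}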
?>